Global Chief Information Security Officer (CISO)

About The Position

Requirements

• Proven track record in a senior security leadership role (CISO, Director of Security, or Head of Information Security) within the Financial Services or FinTech sector.
• Direct experience steering organizations through complex information security audits, certifications, licensing, and international regulatory compliance.
• Demonstrated experience in creating, implementing, and managing group-level security processes and frameworks.
• Exceptional leadership skills with a proven ability to manage remote, distributed teams.
• Strong sense of ownership, proactiveness, and high responsibility.
• Fluent English with excellent communication and reporting skills.
• Must be physically located and legally authorized to work remotely within Europe.

Nice To Haves

• Ukrainian or Russian language skills.
• Hands-on experience in the Cryptocurrency, Web3, or Blockchain industry, understanding specific security vectors (custody, cold/hot wallet security).

Responsibilities

• Define, drive, and execute the global information security roadmap aligned with business goals.
• Assess and define CEX.IO’s current and future requirements in terms of information security.
• Identify capability gaps in the context of regulatory considerations and industry benchmarks.
• Build, implement, and optimize robust security processes, frameworks, and policies across the entire organization from the ground up.
• Ensure all target teams are provided with the training and resources needed to perform their jobs to the highest degree possible.
• Oversee the successful acquisition and maintenance of industry-specific licenses and certifications (e.g., SOC 2, PCI-DSS, DORA, MiCA/crypto regulations).
• Manage regular internal/external security audits and executive reporting.
• Collaborate with external auditors and regulators, acting as the primary technical point of contact and subject matter expert during corporate certification processes and regulatory reviews.
• Collaborate with the Legal and data protection team to ensure information security policies strictly map to European GDPR compliance, data privacy laws, and corporate governance standards.
• Collaborate with Managing Directors and Officers within the UK, US, and ES locations to bridge global information security frameworks with local regulatory mandates and licensing requirements.
• Collaborate with Engineering and Product teams to embed security directly into the software development lifecycle and product roadmap.
• Collaborate on secure coding practices, vulnerability management, and ensuring that product architectures (especially crypto/wallet features) are secure by design before release.
• Lead, mentor, and scale a high-performing, fully remote security team.
• Foster a culture of accountability and proactiveness.
• Lead all managerial functions in accordance with the company’s policies and procedures (hiring, training, setting goals, appraising performance, budgeting).
• Act as the ultimate point of escalation for global security incidents, ensuring proactive threat hunting and rapid mitigation.
• Manage the oversight of technical risk assessments, such as vulnerability scanning, penetration testing, risk reviews for new applications, and third-party risk assessments.